/**
 *
 * @author Yanglifan
 * @since 2008-12-28
 */
class SecurityFilters {
    def filters = {
        loginCheck(controller: '*', action: '*') {
            before = {
                // The actions can be executed without login.
                def actionsWithoutLogin = ['login', 'register', 'doRegister']
                if (!session.LOGIN_USER && !actionsWithoutLogin.contains(actionName) && !(controllerName == 'main' &&
                        actionName == 'index')) {
                    redirect(uri: '/')
                    return false
                }
            }
        }
    }
}